As we all soon will head out on upcoming holiday vacations, we all run the danger of becoming a remote risk for our companies, often without being aware of it.

As we all soon will head out on upcoming holiday vacations, we all run the danger of becoming a remote risk for our companies, often without being aware of it. In an era where it is increasingly difficult for workers to simply “switch off” when on vacation, the need to stay in touch with the office through mobile phones and tablets is only increasing. But this need to stay in touch is also putting critical systems at higher risk of attacks and unauthorized access, and potentially compromising companies’ sensitive information.

According to a recent survey by Ernst & Young, tablet computer use for business has more than doubled since 2011. Further, 37 percent of respondents identified careless or unaware employees as the threat that has most increased their organization’s risk exposure as, with inadvertent employee data loss rising 25 percent year over year.

According to Terry Jost, Partner/Principal, Ernst & Young Advisory Services Practice, all employees can take some simple – but critical – steps to protect themselves and the enterprise against seasonal security vulnerabilities:

Avoid posting “out of office” auto replies. These confirm that you are away and may invite mischief and hacking into your account. Instead, notify a close circle of internal and external contacts that you will be out of the office. Provide the name of an individual they can contact for matters requiring immediate attention.

Avoid using personal accounts on public computers and terminals, including those found in cyber cafes and summer vacation rentals.

Try not to use public websites and free Wi-Fi to access work-related e-mail and files. Instead, use your smartphone as a local wireless hub. Alternatively, subscribe to a temporary hotspot.

Make sure that security settings are up-to-date on all of your mobile devices.

Similar to laptops and home computers, tablets should be password protected. You should enable the “Where’s my device” feature on all mobile devices and be able to deactivate devices remotely in the event of loss or theft.

Consider leaving your mobile device at home when traveling to high-risk countries. Most companies have travel policies that may advise you to rent a temporary device if connectivity is required.

Use complex passwords for your online accounts. Change them often and use different passwords for different sites. The average person has more than 50 online accounts so invest in a secure password manager.

Do not disclose your travel plans on social media sites. As a rule of thumb, only post in the past tense.

Has there always been a “seasonal risk” for data theft?

While we may let our guard down during some seasons due to holiday travel and staying in remote locations, this is really more about an evolutionary risk. As the number of mobile devices in the world increases, the potential for new cyber-attacks becomes more likely, day after day, season after season. This can include new forms of malware on devices and issues facing mobile communications.

Is there one particular season or holiday that is worse than others?

Attacks could be linked to our changing patterns of increased travel during the holidays. There could be greater chances when someone can penetrate your system, or access your data as you move from location to location.

What can CSOs do to prevent laptop theft in their enterprises? You can only tell an employee so much, right?

CSOs need to keep the following in mind:

A.) It is an awareness issue. Everyone at a company has to be aware of cyber-security threats and their role in preventing them.

B.) The right tools need to be in place on your company’s mobile devices to protect the information contained on them. Laptops and such are always going to get lost. The important thing is that you encrypt the information on these devices and have the ability to remotely wipe all the information from that device once it has been confirmed as lost.

C.) You also need a mobile security management tool in place. You have to make sure you can authenticate the identity of user of the device.

Do you see CSOs increasingly taking a role in data loss prevention, or is it primarily an HR or IT issue?

It isa CSO issue – and has been one for a long time. Attacks mostly are about data, as that is typically the format of your most valuable intellectual property, so CSOs must protect IP. CSOs also need to keep in mind that attacks also involve protecting identities.

Did you enjoy this article? Click here to subscribe to Security Magazine.

Events

The tragedy of the United States domestic violence situation is impossible to quantify. There is both a sordid history and an on-going crisis; a crisis that has become normalized. Since 2000, approximately more than 20,000 women have been murdered by domestic partners, or "family terrorists".

After attending this webinar, you will be able to identify and recognize how social media has changed corporate security, explore the implications of social media and make changes to your security team to compensate, obtain actionable insight into how to use social media to your advantage, utilize Real-life examples of how social media can be used as a critical dataset for effective event response

Products

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

Private industries need to join the fight against terrorist ideologies, says Financial Integrity Network Chairman Juan Zarate. Read how in the July edition of Security magazine. This issue also includes guidance about CSO compensation and salary, banking security, emergency notifications and more.